Syllabus

NOTE: please check the syllabus every week for updates!

Week 1:

Intro

Read:

OSS Chap 1

Butler Lampson. Protection. ACM SIGOPS Operating Systems Review, USA, 1974.

Week 2:

Access Control

Read:

OSS Chap 2

Week 3:

Multics

Read:

OSS Chap 3

F. J. Corbató, and V. A. Vyssotsky. Introduction and Overview of the Multics System. ACM Fall Joint Computer Conference, USA, 1965.

Paul Karger, and Roger Schell. Thirty Years Later: Lessons from the Multics Security Evaluation. Annual Computer Security Applications Conference (ACSAC 2002), USA, December 2002.

The PL/I Newsletter. http://members.dodo.com.au/~robin51/pli-n11.htm

Assignment 1

Week 4:

Commodity OS

Read:

OSS Chap 4

Ben Fathi. What Really Happened with Vista: An Insider’s Retrospective. Medium, USA, 2018.

Week 5:

Security Goals

Read:

OSS Chap 5

Week 6:

Security Kernels

Read:

OSS Chap 6

Marcus Ranum. Building a secure operating system with Roger R. Schell. TechTarget, USA, 2017.

Week 7:

Linux Security Modules and SELinux

Read:

OSS Chap 7, 9

Chris Wright, Crispin Cowan, James Morris, Stephen Smalley, and Greg Kroah-Hartman. Linux Security Modules: General Security Support for the Linux Kernel. 11th USENIX Security Symposium (Security’02), Berkeley, CA, USA, August 2002.

Vinod Ganapathy, Trent Jaeger, and Somesh Jha. Automatic Placement of Authorization Hooks in the Linux Security Modules Framework. 12th ACM Conference on Computer and Communications Security (CCS’05), Virginia, USA, Nov. 2005.

Assignment 2

Week 8:

Capability Systems

Read:

OSS Chap 10

Midterm

Week 9:

Trusted Computing

Read:

Reiner Sailer, Xiaolan Zhang, Trent Jaeger, and Leendert van Doorn. Design and Implementation of a TCG-based Integrity Measurement Architecture. 13th USENIX Security Symposium (Security’04), San Diego, CA, USA, August 2004.

Week 10:

Trusted Execution Environment

Read:

Ahmad-Reza Sadeghi. Hardware-Assisted Security: From Trust Anchors to Meltdown of Trust. Chalmers Initiative Seminar: Digitalisation – Security & Privacy | Machine Intelligence, 2018 (Video).

Frank Mckeen. Intel Software Guard Extensions: Innovative Instructions for Next Generation Isolated Execution. Stanford Seminar – Intel Software Guard Extensions, USA, 2015 (Video).

Assignment 3

Week 11:

System Provenance

Read:

Adam Bates, Dave Tian, Kevin Butler, and Thomas Moyer. Trustworthy Whole-System Provenance for the Linux Kernel. 24th USENIX Security Symposium (Security’15), Washington, DC, USA, August 2015.

Week 12:

Peripheral Security

Read:

Dave (Jing) Tian, Grant Hernandez, Joseph Choi, Vanessa Frost, Peter Johnson, and Kevin Butler. LBM: A Security Framework for Peripherals within the Linux Kernel. 40th IEEE Symposium on Security and Privacy (Oakland’19), San Francisco, CA, May 2019.

A. Theodore Markettos, Colin Rothwell, Brett F. Gutstein, Allison Pearce, Peter G. Neumann, Simon W. Moore, and Robert N. M. Watson. Thunderclap: Exploring Vulnerabilities in Operating System IOMMU Protection via DMA from Untrustworthy Peripherals. 26th Annual Network and Distributed System Security Symposium (NDSS’19), San Diego, CA, Feb 2019.

Week 13:

Kernel Fuzzing

Read:

Sergej Schumilo, Cornelius Aschermann, Robert Gawlik, Sebastian Schinzel, and Thorsten Holz. kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels. 26th USENIX Security Symposium (Security’17), Vancouver, BC, Canada, August 2017.

Dokyung Song, Felicitas Hetzelt, Dipanjan Das, Chad Spensky, Yeoul Na, Stijn Volckaert, Giovanni Vigna, Christopher Kruegel, Jean-Pierre Seifert, and Michael Franz. PeriScope: An Effective Probing and Fuzzing Framework for the Hardware-OS Boundary. 26th Annual Network and Distributed System Security Symposium (NDSS’19), San Diego, CA, Feb 2019.

Assignment 4

Week 14:

Formally Verified Kernel

Read:

Week 15:

Virtualization

Read:

Week 16:

Final Projects Presentation